Forum Discussion
Son_of_Tom_1379
Nimbostratus
Aug 14, 2014SWG Evaluation
Hey There,
We're evaluating the SWG module to see if it fits well in a consolidation piece we're looking to perform. So far the base configuration seems convoluted, when compared with other forw...
- Aug 19, 2014
In fact, you can do SSL interception with embedded certificates (ex: "default" for F5).
You have to make sure of two things : - the Certificate is trusted by users, - the certificate is able to sign child certificates (keyring).
Please find below two links : - generating certificates for SSL interception : http://communicationsfinance.com/wp-content/uploads/2013/04/SSL-Interception-on-Proxy-SG.pdf - Configuring SSL Forward Proxy on F5 : http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-5-1/16.htmlconceptid
Son_of_Tom_1379
Nimbostratus
Aug 14, 2014Update - I have it working... it would have helped if I had typed a passphrase... the second point is moot, it's port 8080 and the tunnel takes care of it.
But, I'm receiving an invalid certificate as it's presented from localhost.domain, as I'm using the default, so I'm still trying to figure out what cert I should be using here.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects